That's not completely accurate. There are the implied rules that are set up
in the Policy Properties. Check those settings (on 4.1SP3, default control
channels for management are opened) or set your view to show implied
rules. Then take the time to run a complete nmap scan (ports 1-65535)
against all interfaces of your firewall. The nmap scan will take a long
time (1-10 hours), but it's better to know what is happening than to not
know.
If you have your rulebase configured with a "catch-all" rule at the end, then
only the ports you specifically allow in your rulebase, and those defined in
your properties (ICMP, DNS, etc.) are open.
Dan Guinn
NetStar Communications
Hi,
Is there any way through which we can find out
what all ports are open on firewall? Like if Database server is behind the
firewall then can we check whether port for DB service is open or
not?
I already tried nmap to do that, it shows port
open on FW m/c but that does not reflect that gave us access to DB
server.
Thanks